Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,968
Erlang
39
GitHub Actions
38
Go
2,618
Maven
5,000+
npm
4,255
NuGet
760
pip
4,043
Pub
12
RubyGems
953
Rust
1,050
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

2,095 advisories

Loading
An unauthenticated attacker with network access to the affected device's web interface can... High Unreviewed
CVE-2024-28138 was published Dec 10, 2024
Qualys discovered that needrestart, before version 3.8, passes unsanitized data to a library ... High Unreviewed
CVE-2024-11003 was published Nov 19, 2024
Three OS command injection vulnerabilities exist in the web interface I/O configuration... High Unreviewed
CVE-2024-28027 was published Aug 26, 2025
Three OS command injection vulnerabilities exist in the web interface I/O configuration... High Unreviewed
CVE-2024-28026 was published Aug 26, 2025
Three OS command injection vulnerabilities exist in the web interface I/O configuration... High Unreviewed
CVE-2024-28025 was published Aug 26, 2025
IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 could allow a remote... High Unreviewed
CVE-2020-4428 was published May 24, 2022
RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build allows OS command injection via a certain... High Unreviewed
CVE-2025-44960 was published Aug 4, 2025
A high privileged remote attacker can execute arbitrary system commands via POST requests in the... High Unreviewed
CVE-2025-41674 was published Jul 21, 2025
A high privileged remote attacker can execute arbitrary system commands via GET requests in the... High Unreviewed
CVE-2025-41675 was published Jul 21, 2025
A high privileged remote attacker can execute arbitrary system commands via POST requests in the... High Unreviewed
CVE-2025-41673 was published Jul 21, 2025
A flaw was found in the Emacs text editor. Improper handling of custom "man" URI schemes allows... High Unreviewed
CVE-2025-1244 was published Feb 12, 2025
A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via... High Unreviewed
CVE-2021-3621 was published Dec 24, 2021
Multiple OS command injection vulnerabilities exist in the swctrl functionality of Planet WGR-500... High Unreviewed
CVE-2025-54404 was published Oct 7, 2025
IPFire versions prior to 2.29 (Core Update 198) contain a command injection vulnerability that... High Unreviewed
CVE-2025-34311 was published Oct 28, 2025
IPFire versions prior to 2.29 (Core Update 198) contain a command injection vulnerability that... High Unreviewed
CVE-2025-34312 was published Oct 28, 2025
Multiple OS command injection vulnerabilities exist in the formPingCmd functionality of Planet... High Unreviewed
CVE-2025-54406 was published Oct 7, 2025
Multiple OS command injection vulnerabilities exist in the formPingCmd functionality of Planet... High Unreviewed
CVE-2025-54405 was published Oct 7, 2025
Multiple OS command injection vulnerabilities exist in the swctrl functionality of Planet WGR-500... High Unreviewed
CVE-2025-54403 was published Oct 7, 2025
FutureNet MA and IP-K series provided by Century Systems Co., Ltd. contain an OS command... High Unreviewed
CVE-2025-54763 was published Oct 31, 2025
Nagios Network Analyzer versions prior to 2024R2.0.1 contain a vulnerability in the LDAP... High Unreviewed
CVE-2025-34280 was published Oct 31, 2025
Nagios XI versions prior to 5.7.3 contain a command injection vulnerability in the report PDF... High Unreviewed
CVE-2020-36867 was published Oct 31, 2025
Nagios XI versions prior to 5.4.13 contain a remote code execution vulnerability in the Component... High Unreviewed
CVE-2018-25122 was published Oct 31, 2025
Nagios XI versions prior to 2012R1.6 contain a shell command injection vulnerability in the Auto... High Unreviewed
CVE-2013-10073 was published Oct 31, 2025
Dell Unity, version(s) 5.5 and Prior, contain(s) an Improper Neutralization of Special Elements... High Unreviewed
CVE-2025-43940 was published Oct 30, 2025
Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Special Elements... High Unreviewed
CVE-2025-43942 was published Oct 30, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database